/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package com.ericsson.nfc.signing.certificate;

import com.ericsson.nfc.signing.algorithm.DSAVerifier;
import com.ericsson.nfc.signing.algorithm.ECDSAVerifier;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERObject;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.asn1.x509.X509CertificateStructure;

/**
 *
 * @author emarkki
 */
public class X509Certificate implements Certificate {
    
    private X509CertificateStructure structure;

    public X509Certificate(byte[] bytes) throws IOException {
        this(new ByteArrayInputStream(bytes));
    }
    
    public X509Certificate(InputStream in) throws IOException {
        ASN1InputStream aIn = new ASN1InputStream(in);
        DERObject o = aIn.readObject();
        if(!(o instanceof ASN1Sequence)) {
            throw new IOException("Unexpected content: " + o);
        }
        ASN1Sequence encodedSeq = (ASN1Sequence) o;
        structure = X509CertificateStructure.getInstance(encodedSeq);
    }

    public X509CertificateStructure getStructure() {
        return structure;
    }

    public byte[] getBytes() throws IOException {
        return structure.getEncoded();
    }

    public SubjectPublicKeyInfo getSubjectPublicKeyInfo() {
        return structure.getSubjectPublicKeyInfo();
    }
    
    public static String getAlgorithmName(AlgorithmIdentifier algoritmIdentifier) {
        
        DERObjectIdentifier algorithmObjectId = algoritmIdentifier.getObjectId();
        
        if(PKCSObjectIdentifiers.rsaEncryption.equals(algorithmObjectId)) {
            return "RSA";
        } else if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algorithmObjectId)) {
            return "sha1WithRSA";
        } else if (ECDSAVerifier.ECDSA.equals(algorithmObjectId)) {
            return "ECDSA";
        } else if (ECDSAVerifier.SHA1withECDSA.equals(algorithmObjectId)) {
            return "sha1WithECDSA";
        } else if(DSAVerifier.id_dsa_with_sha1.equals(algorithmObjectId)) {
            return "sha1WithDSA";
        } else if(DSAVerifier.id_dsa.equals(algorithmObjectId)) {
            return "DSA";
        }
        
        return algorithmObjectId.toString();
    }
}
